Cisco Community
English
Register
The War in Ukraine - Supporting customers, partners and communities. LEARN MORE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
925
Views
0
Helpful
3
Replies
J_Vansen_S
Participant
Participant
‎06-05-2012 09:14 PM
‎06-05-2012 09:14 PM

Cisco ASA dual ISP with different services

Hi All,

I have been assigned a task to deploy an additional ASA firewall to a existing customer network.

Current infra

  • 1x Cisco ASA that is used for internet traffic and MS_Exchange Mail traffic

Proposed new infra

  1. Additional Cisco ASA
  2. Used for Remote access vpn (Anyconnect)
  3. DMZ access

Concerns

  1. All of internal users/VLAN will be going to the internet via ISP 1 (default route to ISP1).  My web&app services is hosted on ISP2.
    • Would like be an issue?
  2. A few of the internal users within the same VLAN/subnet would like to use the ISP2. Is that possible?

Please advise

Labels:
0 Helpful
3 REPLIES 3
Tagir Temirgaliyev
Frequent Contributor
Frequent Contributor
‎06-06-2012 03:55 AM
‎06-06-2012 03:55 AM

Hi

A few of the internal users within the same VLAN/subnet would like to use the ISP2. Is that possible?

yes it is.

few of the internal users within the same VLAN/subnet can use the ISP2, they need default route to ASA2

0 Helpful
J_Vansen_S
Participant
Participant
In response to Tagir Temirgaliyev
‎06-06-2012 03:58 AM
‎06-06-2012 03:58 AM

However all users default route is on the L3 Core Switch. How do i achieve this instead?

0 Helpful
Tagir Temirgaliyev
Frequent Contributor
Frequent Contributor
In response to J_Vansen_S
‎06-06-2012 04:04 AM
‎06-06-2012 04:04 AM

There are many ways

1. Another one vlan  for that  few  internal users

2. PBR on core for that  few  internal users

3. put asa2 in the same vlan where users

0 Helpful
Latest Contents
Upgrade Cisco DNA Center
Created by mclymer on 05-18-2022 12:20 PM
0
0
0
0
Learn more about Cisco DNA Center, Version 2.2.3.4
5-minute Cisco Survey – Enter Gift Card Giveaway!
Created by Robert Murphy on 05-18-2022 11:30 AM
1
5
1
5
Do you use Cisco DNA Center? Have you used and are you willing to provide your feedback in using the Cisco DNA Center help and documentation? If so, we’d like you to complete the survey linked below. Your feedback will help provide more effective and easi... view more
OSPF for CCIE Enterprise and Infrastructure Exam
Created by Meddane on 05-13-2022 02:24 AM
0
0
0
0
The ultimate is coming.  
Cisco Champion Radio: S9|E18 CC Unfiltered: Becoming an Expe...
Created by Amilee San Juan on 05-11-2022 12:57 PM
0
0
0
0
Listen: https://smarturl.it/CCRS9E18Follow us: https://twitter.com/CiscoChampion Reaching the height of your career is no simple feat. It often requires a combination of pursuing the right education, building the right professional network and being ... view more
SD-WAN and NAT Types
Created by Meddane on 05-08-2022 01:44 AM
0
0
0
0
In a typical production SD-WAN deployment, we would probably have many remote sites connected via many different Internet connections to a centralized data center or a regional hub. In most regions in the world, Internet providers will always use some typ... view more
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Related support document topics
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad